SecUSo / privacy-friendly-passwordgenerator

Privacy Friendly App that deterministically generates passwords from parameters and a master password.
https://secuso.org/pfa
GNU General Public License v3.0

Add a password scheme based on dictionary words #38

Open highfellow opened 4 years ago

highfellow commented 4 years ago

I like the idea of using a master password as a salt to generate per-site passwords. This is similar to an idea I had, except that in my version the final passwords were generated by using the bits of the hashed string to pick a number of real words from a fixed-length dictionary. For example, if you had a dictionary of 4096 (2 ^ 12) words, the first 36 bits could be used to pick three words from this list. (You would need to add some extra characters as well to pass password rules, but you see the idea.)

The reason I like this scheme is that, once generated, the passwords for each account would be easy to remember purely mentally, whereas passwords made from a random sequence are hard to remember. This would mean that for sites you use often you would not need to keep regenerating the passwords.

For this to work, the extra characters should probably be chosen by the user but fixed for all accounts.
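
The word-picking scheme described in the issue above, as an added example that is not part of the original post or the app's code. It assumes PBKDF2-HMAC-SHA256 as the hash, a `site:counter` salt, and a constructed 4096-entry syllable list standing in for a real dictionary; all function names are hypothetical.

```python
import hashlib
import itertools

# Constructed stand-in for a real 4096-word dictionary: 16*16*16 syllable
# triples. A real implementation would ship a fixed, versioned word list.
_A = "ba be bi bo da de di do ka ke ki ko ma me mi mo".split()
_B = "la le li lo na ne ni no ra re ri ro sa se si so".split()
_C = "f g k l m n p r s t v x z th sh ch".split()
WORDLIST = ["".join(p) for p in itertools.product(_A, _B, _C)]
assert len(WORDLIST) == 4096 and len(set(WORDLIST)) == 4096

BITS_PER_WORD = 12  # 2 ** 12 == 4096 dictionary entries


def derive_words(master, site, counter=1, n_words=3, iterations=200_000):
    """Derive n_words dictionary words from the master password and site."""
    # Assumption: PBKDF2-HMAC-SHA256 keyed by the master password, with the
    # site name and a counter as salt (the counter allows password rotation).
    salt = f"{site}:{counter}".encode()
    n_bytes = (n_words * BITS_PER_WORD + 7) // 8
    digest = hashlib.pbkdf2_hmac(
        "sha256", master.encode(), salt, iterations, dklen=n_bytes
    )
    bits = int.from_bytes(digest, "big")
    total_bits = n_bytes * 8
    words = []
    for i in range(n_words):
        # Take the i-th 12-bit group, counting from the most significant bit,
        # so three words consume exactly the first 36 bits of the hash.
        shift = total_bits - (i + 1) * BITS_PER_WORD
        words.append(WORDLIST[(bits >> shift) & 0xFFF])
    return words


def make_password(master, site, suffix, **kw):
    """Join the words and append the user's fixed, rule-satisfying suffix."""
    return "-".join(derive_words(master, site, **kw)) + suffix


def entropy_bits(n_words):
    """Bits contributed by the words; the fixed suffix adds none per site."""
    return n_words * BITS_PER_WORD
```

Three words carry 36 bits and the fixed suffix adds nothing per site, so the word count is the parameter to raise when a site password needs more strength.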